This is really neat. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
Month: September 2018
The major tech companies, scared that states like California might impose actual privacy regulations, have now decided that they can better lobby the federal government for much weaker national legislation that will preempt any stricter state measures. I’m sure they’ll still do all they can to weaken the California law, but they know they’ll do … Read More “Major Tech Companies Finally Endorse Federal Privacy Regulation” »
Interesting research: In the team’s experiments, one WiFi transmitter and one WiFi receiver are behind walls, outside a room in which a number of people are present. The room can get very crowded with as many as 20 people zigzagging each other. The transmitter sends a wireless signal whose received signal strength (RSSI) is measured … Read More “Counting People Through a Wall with WiFi” »
This one is from NIST: “Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks.” It’s still in draft. Remember, there are many others. Powered by WPeMatico
This is interesting research: “On the Security of the PKCS#1 v1.5 Signature Scheme“: Abstract: The RSA PKCS#1 v1.5 signature algorithm is the most widely used digital signature scheme in practice. Its two main strengths are its extreme simplicity, which makes it very easy to implement, and that verification of signatures is significantly faster than for … Read More “Evidence for the Security of PKCS #1 Digital Signatures” »
If someone has physical access to your locked — but still running — computer, they can probably break the hard drive’s encryption. This is a “cold boot” attack, and one we thought solved. We have not: To carry out the attack, the F-Secure researchers first sought a way to defeat the the industry-standard cold boot … Read More “New Variants of Cold-Boot Attack” »
On James Island. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
Lots of people are e-mailing me about this new result on the distribution of prime numbers. While interesting, it has nothing to do with cryptography. Cryptographers aren’t interested in how to find prime numbers, or even in the distribution of prime numbers. Public-key cryptography algorithms like RSA get their security from the difficulty of factoring … Read More “New Findings About Prime Number Distribution Almost Certainly Irrelevant to Cryptography” »
NIST has released a new study concluding that the AES encryption standard has resulted in a $250-billion worldwide economic benefit over the past 20 years. I have no idea how to even begin to assess the quality of the study and its conclusions — it’s all in the 150-page report, though — but I do … Read More “AES Resulted in a $250-Billion Economic Benefit” »
Of course the ESS ExpressVote voting computer will have lots of security vulnerabilities. It’s a computer, and computers have lots of vulnerabilities. This particular vulnerability is particularly interesting because it’s the result of a security mistake in the design process. Someone didn’t think the security through, and the result is a voter-verifiable paper audit trail … Read More “Security Vulnerability in ESS ExpressVote Touchscreen Voting Computer” »